Show simple item record  

dc.contributor.authorLuckie, Matthew Johnen_NZ
dc.contributor.authorBeverly, Roberten_NZ
dc.contributor.authorKoga, Ryanen_NZ
dc.contributor.authorKeys, Kenen_NZ
dc.contributor.authorKroll, Joshua A.en_NZ
dc.contributor.authorclaffy, kcen_NZ
dc.coverage.spatialLondon, UKen_NZ
dc.date.accessioned2019-11-20T22:25:48Z
dc.date.available2019en_NZ
dc.date.available2019-11-20T22:25:48Z
dc.date.issued2019en_NZ
dc.identifier.citationLuckie, M. J., Beverly, R., Koga, R., Keys, K., Kroll, J. A., & claffy, kc. (2019). Network hygiene, incentives, and regulation: Deployment of source address validation in the internet. In Proceedings of 2019 ACM SIGSAC Conference on Computer and Communications Security (CCS ’19) (pp. 465–480). New York, NY, USA: ACM Press. https://doi.org/10.1145/3319535.3354232en
dc.identifier.isbn9781450367479en_NZ
dc.identifier.urihttps://hdl.handle.net/10289/13176
dc.description.abstractThe Spoofer project has collected data on the deployment and characteristics of IP source address validation on the Internet since 2005. Data from the project comes from participants who install an active probing client that runs in the background. The client automatically runs tests both periodically and when it detects a new network attachment point. We analyze the rich dataset of Spoofer tests in multiple dimensions: across time, networks, autonomous systems, countries, and by Internet protocol version. In our data for the year ending August 2019, at least a quarter of tested ASes did not filter packets with spoofed source addresses leaving their networks. We show that routers performing Network Address Translation do not always filter spoofed packets, as 6.4% of IPv4/24 tested in the year ending August 2019 did not filter. Worse, at least two thirds of tested ASes did not filter packets entering their networks with source addresses claiming to be from within their network that arrived from outside their network. We explore several approaches to encouraging remediation and the challenges of evaluating their impact. While we have been able to remediate 352 IPv4/24, we have found an order of magnitude more IPv4/24 that remains unremediated, despite myriad remediation strategies, with 21% unremediated for more than six months. Our analysis provides the most complete and confident picture of the Internet's susceptibility to date of this long-standing vulnerability. Although there is no simple solution to address the remaining long-tail of unremediated networks, we conclude with a discussion of possible non-technical interventions, and demonstrate how the platform can support evaluation of the impact of such interventions over time.
dc.format.mimetypeapplication/pdf
dc.language.isoen
dc.publisherACM Pressen_NZ
dc.rights© 2019 Association for Computing Machinery. This is the author's accepted version.
dc.subjectcomputer scienceen_NZ
dc.subjectnetworksen_NZ
dc.subjectnetwork securityen_NZ
dc.titleNetwork hygiene, incentives, and regulation: Deployment of source address validation in the interneten_NZ
dc.typeConference Contribution
dc.identifier.doi10.1145/3319535.3354232en_NZ
dc.relation.isPartOfProceedings of 2019 ACM SIGSAC Conference on Computer and Communications Security (CCS '19)en_NZ
pubs.begin-page465
pubs.elements-id249459
pubs.end-page480
pubs.finish-date2019-11-15en_NZ
pubs.place-of-publicationNew York, NY, USA
pubs.publication-statusPublisheden_NZ
pubs.start-date2019-11-11en_NZ


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record